CertiGuide to Security+  9  Chapter 4:  Basics of Cryptography (Domain 4.0; 15%)

4.0  Basics of Cryptography 1 4.1.1  Hashing

An algorithm is a sequence of steps that specify in detail how to perform an action. For example, an algorithm for starting a car might include steps to approach the driver’s side of the car, unlock the front door, open the front door, get in the car, close the front door, put the key in the ignition, and turn the key. The term “algorithm” derives from the name of a 9^th century Persian mathematician.

A computerized algorithm is a sequence of operations and inputs. The inputs provided to the algorithm determine exactly which steps of the algorithm are performed. In the car example above, the algorithm’s sequence of operations would include the sub-steps involved in opening the door. The inputs would include the type of handle on the door. Using the provided inputs (based on car make, model and year), the algorithm would select the correct steps to perform (pull the handle toward you for a Mercedes, click the latch behind the handle for a vintage VW).

When discussing encryption, cryptographers will often use the terms “plaintext,” “cipher text” and “message.” A message, in the context of cryptography, is the data that will be safeguarded by encryption, in either its plaintext or encrypted state. To you, a message might usually be an email or an IM or SMS message. To a cryptographer, a message might be those items, or a PDF sent via FTP from a secure download site, or a Web form containing sensitive data, or some keystrokes from an encrypted terminal session via SSH, or anything else whose contents will be (or have been) subject to cryptography. Plaintext is the “before” state of whatever you’re encrypting. It may be text, or it may be an MP3 of your garage band’s newest song that you’re sending to friends a week before it is available for sale at local record stores, or it may be anything else you want to protect from others. Cipher text is the “after” state – the message in its encrypted form.

An encryption algorithm typically uses a series of mathematical or “bit-twiddling” formulas and a user-provided key to transform a “plaintext” message into an encrypted message, usually also employing a user-provided “key” which determines the output cipher text produced. For example, in the Julius Caesar example above, the algorithm involves taking the position of the original letter in the alphabet, adding 3 to it, and replacing the original letter with the one at that new position in the alphabet.

The three types of cryptographic algorithms we will look at in this section are hashing, symmetric and asymmetric algorithms.

4.0  Basics of Cryptography 1 4.1.1  Hashing